Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-21_b96985d6f413e33e4caf149be367ff21_bugat_icedid.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-21_b96985d6f413e33e4caf149be367ff21_bugat_icedid.exe
  Resource: win10v2004-20231215-en
General
Target: 2024-02-21_b96985d6f413e33e4caf149be367ff21_bugat_icedid
Size: 956KB
MD5: b96985d6f413e33e4caf149be367ff21
SHA1: 155c490e236929ba2439e0157972846bb6464b40
SHA256: 7f78b1e2e5f56b2754a272fe3d4678ed43f1c089af5439ce366a642591a2289b
SHA512: 64844e63905ead6929a56f7f85b7ac299cf748d29e7d2fa9f329b46142c9a60b38f1008056b9e94f975b693ca55add51b00cdceac38700716fb5900731488173
SSDEEP: 24576:kD1BBEmlHFMalEXD2sGtcHp2+NYyQev/G:3modz2sGtcHpfYyQM+
Malware Config
(none extracted)
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-02-21_b96985d6f413e33e4caf149be367ff21_bugat_icedid
Files
2024-02-21_b96985d6f413e33e4caf149be367ff21_bugat_icedid.exe (windows:4, windows, x86, arch:x86)
0ae445fe9adcb491757ab664bf5567c0
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileType
SetEnvironmentVariableA
SetEnvironmentVariableW
LCMapStringA
LCMapStringW
GetCurrentProcessId
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
HeapSize
InterlockedExchange
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
TerminateProcess
ExitProcess
GetDriveTypeA
GetSystemTimeAsFileTime
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
SetErrorMode
GetCurrentDirectoryA
GetTickCount
FindResourceExA
GetOEMCP
GetCPInfo
GlobalFlags
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetShortPathNameA
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
lstrcpyA
VirtualProtect
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
SystemTimeToFileTime
FileTimeToSystemTime
CloseHandle
SetLastError
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
InterlockedDecrement
LoadLibraryA
GetProcAddress
GetTimeZoneInformation
RaiseException
DeleteCriticalSection
InitializeCriticalSection
lstrcmpiA
GetStringTypeExA
lstrlenW
CompareStringA
CompareStringW
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
GetDateFormatA
GetVersion
GetCurrencyFormatA
WinExec
GetLastError
FormatMessageA
LocalFree
lstrlenA
MultiByteToWideChar
MulDiv
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
QueryPerformanceCounter
user32
SetCursorPos
SetParent
GetSystemMenu
DeleteMenu
WindowFromPoint
ShowOwnedPopups
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetWindowContextHelpId
SetWindowRgn
DrawIcon
GetAsyncKeyState
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetMenu
DestroyCursor
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
DefMDIChildProcA
DefFrameProcA
GetMessageA
ValidateRect
AppendMenuA
InsertMenuA
RemoveMenu
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
DestroyMenu
GetMenuItemInfoA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemTextA
CheckRadioButton
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
CreateMenu
SetFocus
IsChild
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetCursor
LoadCursorA
UpdateWindow
SendMessageA
LoadBitmapA
GetSubMenu
LoadMenuA
ScreenToClient
GetCursorPos
EnableWindow
GetParent
InvalidateRect
FillRect
GetSysColor
PostMessageA
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
IntersectRect
GetWindowPlacement
UnhookWindowsHookEx
IsClipboardFormatAvailable
IsWindowVisible
IsIconic
IsZoomed
UnregisterClassA
CharUpperA
PostThreadMessageA
GetTabbedTextExtentA
CharNextA
GetDCEx
GetClassLongA
GetWindowLongA
ClientToScreen
BeginDeferWindowPos
EndDeferWindowPos
SystemParametersInfoA
GetSysColorBrush
PtInRect
InflateRect
SetRectEmpty
ReleaseCapture
GetDC
LockWindowUpdate
DestroyIcon
SendDlgItemMessageA
RegisterClipboardFormatA
SetRect
SetTimer
GetWindow
KillTimer
MapDialogRect
GetClientRect
GetFocus
DispatchMessageA
TranslateMessage
PostQuitMessage
PeekMessageA
wsprintfA
GetWindowTextA
FindWindowA
ShowWindow
SetForegroundWindow
RedrawWindow
GetWindowRect
OffsetRect
IsWindow
GetSystemMetrics
MessageBeep
ShowScrollBar
CopyRect
SetWindowPos
GetKeyState
IsRectEmpty
SetCapture
ReleaseDC
DrawMenuBar
gdi32
CreatePatternBrush
CreateDCA
SetAbortProc
AbortDoc
CreateEllipticRgn
Ellipse
GetRgnBox
SetRectRgn
GetMapMode
StretchDIBits
GetCharWidthA
GetBkColor
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
EnumFontFamiliesExA
DeleteDC
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
CombineRgn
CreateSolidBrush
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
GetTextColor
SelectObject
LPtoDP
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
GetViewportOrgEx
SetViewportOrgEx
BitBlt
DeleteObject
GetObjectA
PatBlt
CreatePen
Pie
Polygon
ExtTextOutA
Rectangle
GetTextExtentPoint32A
CreateFontIndirectA
GetDeviceCaps
DPtoLP
CreateFontA
GetTextMetricsA
EndPage
StartPage
EndDoc
MoveToEx
comdlg32
GetFileTitleA
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
ChooseFontA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
GetJobA
advapi32
GetFileSecurityA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegOpenKeyA
RegEnumKeyExA
RegEnumValueA
RegSetValueA
RegEnumKeyA
RegQueryValueA
RegQueryValueExA
SetFileSecurityA
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
ShellExecuteA
comctl32
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ord17
ImageList_Draw
ImageList_GetImageInfo
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
oleaut32
VariantClear
SysFreeString
VariantInit
SysAllocStringLen
VariantChangeType
SysStringLen
SysAllocStringByteLen
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
VarCyFromStr
OleCreateFontIndirect
Sections
.text   Size: 596KB  Virtual size: 595KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 152KB  Virtual size: 151KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 12KB   Virtual size: 33KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 192KB  Virtual size: 191KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ